Howto IPtables (Simpler version)

General discussion about PLUC and Linux in Pakistan.
Post Reply
crazy_frog
Naik
Posts: 72
Joined: Fri Dec 16, 2005 9:44 am
Location: Karachi, Pakistan
Contact:

Howto IPtables (Simpler version)

Post by crazy_frog »

For those who need to understand IP tables in simpler terms I have my own version of a small tutorial for them.


Following are some syntax related to iptables:

1] Block incoming packets from a single IP:
#iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP

2] Block incoming packets from a single IP on a single port:
#iptables -A INPUT -p tcp --source 1.2.3.4 --destination-port 22 -j DROP

3] Block incoming packets from a single IP on a range of ports (example: 5999:6003):
#iptables -A INPUT -p tcp --source

4] Block incoming packets from ANY ip coming in on a single port:
#iptables -A INPUT -p tcp --source 0.0.0.0 --destination-port 22 -j DROP

5] Block incoming packets from ANY ip coming in on a range of ports (example: 5999:6003):
#iptables -A INPUT -p tcp --source 0.0.0.0 --destination-port 5999:6003 -j DROP

6] Block outgoing packets on a single port:
#iptables -A OUTPUT -p tcp --destination

7] Block outgoing packets on a range of ports (example: 6660:6669):
#iptables -A OUTPUT -p tcp --destination 0.0.0.0 --destination-port 6660:6669 -j DROP

BLOCK RANGE OF IPs:

1] To block the entire range of 80.142.77.0 through 80.142.77.255
#iptables -A INPUT -s 80.142.0.0/24 -j DROP

2] To block the entire range of 80.142.0.0 through 80.142.255.255
#iptables -A INPUT -s 80.142.0.0/16 -j DROP

3] To block the entire range of 80.0.0.0 through 80.255.255.255
#iptables -A INPUT -s 80.0.0.0/8 -j DROP
Hâve á nice day !!
Mahmood-ul-Hassan
Lance Naik
Posts: 46
Joined: Mon May 30, 2005 3:22 am
Location: LAHORE
Contact:

Thanks,

Post by Mahmood-ul-Hassan »

Slaam! Mr.Crazy ____.

thats a fine way to tech ppl like me. please describe some other thing. like PORT forwording.

and also. some discripion about swithes. -n ,-t ... etc
Mahmood-ul-Hassan
Post Reply